9 matches found
Important: ecs-service-connect-agent
Issue Overview: Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happen within the same interval. The crash occurs when the following are true: 1. hedgeonpertrytimeout is enabled, 2. pertryidletimeout is enabled it can only be done in configuration, 3...
cri-o security update
cri-o 1.26.4-2 - Address CVE-2024-24786 cri-tools 1.26.1-5 - Address CVE-2024-24786 etcd 3.5.10-3 - Address protobuf CVE-2024-24786 3.5.10-1 - Added Oracle specific build files istio 1.17.8-3 - Address protobuf CVE-2024-24786 - Backport from 1.19.7 to address CVE-2024-23322, CVE-2024-23323,...
cri-o security update
cri-o 1.26.4-2 - Address CVE-2024-24786 cri-tools 1.26.1-5 - Address CVE-2024-24786 etcd 3.5.10-3 - Address protobuf CVE-2024-24786 3.5.10-1 - Added Oracle specific build files istio 1.17.8-3 - Address protobuf CVE-2024-24786 - Backport from 1.19.7 to address CVE-2024-23322, CVE-2024-23323,...
cri-o security update
cri-o 1.25.5-2 - Address CVE-2024-24786 cri-tools 1.25.0-4 - Address CVE-2024-24786 etcd 3.5.9-4 - Address protobuf CVE-2024-24786 3.5.9-3 - Address CVE-2023-39326 by upgrading golang to version 1.20.12 istio 1.16.7-4 - Address protobuf CVE-2024-24786 - Backport from 1.19.7 to address...
Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2024-543)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-543 advisory. Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happen within the same interval. The crash occurs when the following are true: 1...
Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2024-034)
The version of ecs-service-connect-agent installed on the remote host is prior to v1.27.3.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2024-034 advisory. Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happ...
Important: ecs-service-connect-agent
Issue Overview: Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happen within the same interval. The crash occurs when the following are true: 1. hedgeonpertrytimeout is enabled, 2. pertryidletimeout is enabled it can only be done in configuration, 3...
CVE-2024-23322 Envoy crashes when idle and request per try timeout occur within the backoff interval
Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happen within the same interval. The crash occurs when the following are true: 1. hedgeonpertrytimeout is enabled, 2. pertryidletimeout is enabled it can only be done in configuration, 3. per-try-timeout...
CVE-2024-23322
Envoy proxy vulnerability set (CVE-2024-23322 and related CVEs 23323–23327). The primary issue (CVE-2024-23322) triggers a crash when hedge_on_per_try_timeout, per_try_idle_timeout, and per-try-timeout are enabled and their timings overlap within the idle backoff interval. The advisories state th...